Strategies to Mitigate Cyber Security Incidents

The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies to assist organisations in protecting their systems against a range of cyber threats such as:

While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems. Furthermore, implementing the Essential Eight proactively can be more cost-effective in terms of time, money and effort than having to respond to a successful large-scale cyber security incident.

The Essential Eight are:

ACSC's Australian Government Information Security Manual (ISM) provides supporting guidance. ACSC also has separate guidance for mitigating denial-of-service attacks, securely using cloud services and enterprise mobility, including personally-owned computing devices.

Strategies to Mitigate Cyber Security Incidents
Primary Guidance

Essential Eight Explained

Additional Guidance

Mitigation strategies to prevent malware delivery and execution

Mitigation strategies to limit the extent of cyber security incidents

Mitigation strategies to detect cyber security incidents and respond

Contact details